Subject: CVS commit: [pkgsrc-2015Q4] pkgsrc/audio/vorbis-tools
From: S.P.Zeidler
Date: 2016-01-18 06:47:06
Message id: 20160118054706.F1622FBB5@cvs.NetBSD.org
Log Message:
Pullup ticket #4879 - requested by bsiegert
audio/vorbis-tools: security fix

Revisions pulled up:
- audio/vorbis-tools/Makefile                                   1.62
- audio/vorbis-tools/distinfo                                   1.26
- audio/vorbis-tools/patches/patch-oggenc_audio.c               1.1

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   bsiegert
   Date:           Tue Dec 29 15:12:20 UTC 2015

   Modified Files:
           pkgsrc/audio/vorbis-tools: Makefile distinfo
   Added Files:
           pkgsrc/audio/vorbis-tools/patches: patch-oggenc_audio.c

   Log Message:
   Fix CVE-2015-6749 in vorbis-tools: Buffer overflow in the aiff_open function in
   oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to
   cause a denial of service (crash) via a crafted AIFF file.

   Bump pkgrevision.

   To generate a diff of this commit:
   cvs rdiff -u -r1.61 -r1.62 pkgsrc/audio/vorbis-tools/Makefile
   cvs rdiff -u -r1.25 -r1.26 pkgsrc/audio/vorbis-tools/distinfo
   cvs rdiff -u -r0 -r1.1 pkgsrc/audio/vorbis-tools/patches/patch-oggenc_audio.c
Files:
RevisionActionfile
1.61.8.1modifypkgsrc/audio/vorbis-tools/Makefile
1.25.2.1modifypkgsrc/audio/vorbis-tools/distinfo
1.1.2.2addpkgsrc/audio/vorbis-tools/patches/patch-oggenc_audio.c